-
1.发明申请公开(公告)号:US20110035592A1
公开(公告)日:2011-02-10
申请号:US12650728
申请日:2009-12-31
申请人: Inhyok Cha , Yogendra Shah , Andreas Schmidt
发明人: Inhyok Cha , Yogendra Shah , Andreas Schmidt
IPC分类号: H04L9/00
CPC分类号: H04W12/06 , H04L63/205 , H04W84/045
摘要: An authentication method selection using a home enhanced Node B (H(e)NB) profile is disclosed. A method for selecting an H(e)NB authentication method includes authenticating at least one of the device or the hosting party module by a security gateway (SeGW). The SeGW receives a request from the H(e)NB to start the authentication process. Based on information received from the H(e)NB and an authentication information server, the SeGW determines how to authenticate the H(e)NB. The possible authentication methods include device authentication only, device authentication and hosting party module authentication, requesting the H(e)NB to perform authentication using Extensible Authentication Protocol-Authentication and Key Agreement, or authentication of both the H(e)NB and one or more WTRUs connected to or attempting to connect to the H(e)NB.
摘要翻译: 公开了使用归属增强型节点B(H(e)NB)简档的认证方法选择。 用于选择H(e)NB认证方法的方法包括通过安全网关(SeGW)认证所述设备或所述主办方模块中的至少一个。 SeGW从H(e)NB接收请求以开始认证过程。 根据从H(e)NB和认证信息服务器接收的信息,SeGW确定如何认证H(e)NB。 可能的认证方法包括仅设备认证,设备认证和主机模块认证,请求H(e)NB使用可扩展认证协议 - 认证和密钥协商进行认证,或认证H(e)NB和一个或 更多的WTRU连接到或尝试连接到H(e)NB。
-
2.发明申请METHOD AND SYSTEM FOR ENHANCING CRYPTOGRAPHIC CAPABILITIES OF A WIRELESS DEVICE USING BROADCASTED RANDOM NOISE 有权使用广播随机噪声增强无线设备的可视化能力的方法和系统公开(公告)号:US20080089518A1
公开(公告)日:2008-04-17
申请号:US11871683
申请日:2007-10-12
申请人: Alexander Reznik , Alain Briancon , Yevgeniy Dodis , Yogendra Shah , Chunxuan Ye , Robert DiFazio , Inhyok Cha
发明人: Alexander Reznik , Alain Briancon , Yevgeniy Dodis , Yogendra Shah , Chunxuan Ye , Robert DiFazio , Inhyok Cha
IPC分类号: H04L9/20
CPC分类号: H04W12/04 , H04L9/065 , H04L9/0869 , H04L9/0875 , H04L63/0457 , H04L2209/08 , H04L2209/80 , H04W12/02
摘要: A secret stream of bits begins by receiving a public random stream contained in a wireless communication signal at a transmit/receive unit. The public random stream is sampled and specific bits are extracted according to a shared common secret. These extracted bits are used to create a longer secret stream. The shared common secret may be generated using JRNSO techniques, or provided to the transmit/receive units prior to the communication session. Alternatively, one of the transmit/receive unit is assumed to be more powerful than any potential eavesdropper. In this situation, the powerful transmit/receive unit may broadcast and store a public random stream. The weaker transmit/receive unit selects select random bits of the broadcast for creating a key. The weaker transmit/receive unit sends the powerful transmit/receive unit the selected bit numbers, and powerful transmit/receive unit uses the random numbers to produce the key created by the weaker transmit/receive unit.
摘要翻译: 秘密的比特流开始于在发送/接收单元处接收包含在无线通信信号中的公共随机流。 公共随机流被采样,并且根据共享的公共秘密提取特定位。 这些提取的比特用于创建更长的秘密流。 可以使用JRNSO技术生成共享公用秘密,或者在通信会话之前提供给发送/接收单元。 或者,假设发射/接收单元之一比任何潜在的窃听者更强大。 在这种情况下,强大的发送/接收单元可以广播和存储公共随机流。 较弱的发送/接收单元选择用于创建密钥的广播的选择随机比特。 较弱的发射/接收单元发送强大的发射/接收单元所选择的位号,强大的发射/接收单元使用随机数产生由较弱发射/接收单元产生的密钥。
-
3.发明申请METHOD AND APPARATUS FOR PROVIDING TRUSTED SINGLE SIGN-ON ACCESS TO APPLICATIONS AND INTERNET-BASED SERVICES 有权提供信用单点登录访问应用程序和基于互联网的服务的方法和装置公开(公告)号:US20080059804A1
公开(公告)日:2008-03-06
申请号:US11843517
申请日:2007-08-22
申请人: Yogendra Shah , Inhyok Cha , Alexander Reznik
发明人: Yogendra Shah , Inhyok Cha , Alexander Reznik
CPC分类号: H04L63/0442 , G06F21/41 , H04L63/0815 , H04L63/083 , H04L63/0884
摘要: A method and apparatus for password management and single sign-on (SSO) access based on trusted computing (TC) technology. The methods implement the Trusted Computing Group (TCG)'s trusted platform module (TPM), which interacts with both proxy SSO unit and web-accessing applications to provide a secure, trusted mechanism to generate, store, and retrieve passwords and SSO credentials. The various embodiments of the present invention allow a user to hop securely and transparently from one site to another that belong to a pre-identified group of sites, after signing on just once to a secured proxy residing at the user's device.
摘要翻译: 一种基于可信计算(TC)技术的密码管理和单点登录(SSO)访问的方法和装置。 该方法实施了可信计算组(TCG)的可信平台模块(TPM),该平台模块与代理SSO单元和Web访问应用程序进行交互,以提供安全可靠的机制来生成,存储和检索密码和SSO凭据。 本发明的各种实施例允许用户在仅驻留在用户设备上的安全代理器一次登录之后,从属于预先识别的站点组的一个站点到另一站点安全地和透明地跳转。
-
公开(公告)号:US20070266256A1
公开(公告)日:2007-11-15
申请号:US11745697
申请日:2007-05-08
申请人: Yogendra Shah , Inhyok Cha
发明人: Yogendra Shah , Inhyok Cha
IPC分类号: H04L9/00
CPC分类号: H04L9/3297 , G06F21/725 , H04L9/3234 , H04L63/0853 , H04L63/10 , H04L63/12 , H04L63/126 , H04L2463/101 , H04L2463/102 , H04W12/10 , H04W12/12
摘要: The present invention is related to a wireless transmit/receive unit (WTRU) for providing advanced security functions. The WTRU includes trusted platform module (TPM) for performing trusted computing operations; and a secure time component (STC) for providing a secure measurement of a current time. The STC and the TPM are integrated to provide accurate trusted time information to internal and external to the WTRU. The STC may be located on an expanded a subscriber identity module (SIM), on the WTRU platform, or two STCs may be used, one in each location. Similarly, the TPM may be located on an expanded SIM, on the WTRU platform, or two TPMs may be used, one in each location. Preferably, the STC will include a real time clock (RTC); a tamper detection and power failure unit; and a time report and sync controller.
摘要翻译: 本发明涉及用于提供高级安全功能的无线发射/接收单元(WTRU)。 WTRU包括用于执行可信计算操作的可信平台模块(TPM) 以及用于提供当前时间的安全测量的安全时间分量(STC)。 集成了STC和TPM,以向WTRU的内部和外部提供准确的可信时间信息。 STC可以位于WTRU平台上的扩展的订户身份模块(SIM)上,或者可以在每个位置中使用两个STC。 类似地,TPM可以位于WTRU平台上的扩展SIM上,或者可以在每个位置中使用两个TPM。 优选地,STC将包括实时时钟(RTC); 篡改检测和电源故障单元; 和时间报告和同步控制器。
-
5.发明申请Authentication and encryption methods using shared secret randomness in a joint channel 审中-公开在联合通道中使用共享秘密随机性的认证和加密方法公开(公告)号:US20070036353A1
公开(公告)日:2007-02-15
申请号:US11444558
申请日:2006-05-31
申请人: Alexander Reznik , Debashish Purkayastha , Steven Goldberg , Robert Olesen , Marian Rudolf , Inhyok Cha , Alan Carlton , Yogendra Shah , Shamim Rahman , Rajat Mukherjee , Robert DiFazio , Gregory Sternberg , Leonid Kazakevich , Kazimierz Siwiak , Guodong Zhang , Tanbir Haque , Louis Guccione , Prabhakar Chitrapu , Akinlolu Kumoluyi , Alain Briancon
发明人: Alexander Reznik , Debashish Purkayastha , Steven Goldberg , Robert Olesen , Marian Rudolf , Inhyok Cha , Alan Carlton , Yogendra Shah , Shamim Rahman , Rajat Mukherjee , Robert DiFazio , Gregory Sternberg , Leonid Kazakevich , Kazimierz Siwiak , Guodong Zhang , Tanbir Haque , Louis Guccione , Prabhakar Chitrapu , Akinlolu Kumoluyi , Alain Briancon
IPC分类号: H04L9/30
CPC分类号: H04B7/0434 , H04B7/0695 , H04L9/0631 , H04L9/0656 , H04L9/0875 , H04L9/3271 , H04L63/0428 , H04L63/061 , H04L63/08 , H04L63/1441 , H04L63/1466 , H04L63/18 , H04L2209/34 , H04L2209/80 , H04W12/00503 , H04W12/00508 , H04W12/02 , H04W12/04 , H04W12/06 , H04W92/10
摘要: The present invention relates to secret key generation and authentication methods that are based on joint randomness not shared by others (JRNSO), in which unique channel response between two communication terminals generates a secret key. Multiple network access points use a unique physical location of a receiving station to increase user data security. High data rate communication data is encrypted by generating a random key and a pseudo-random bit stream. A configurable interleaving is achieved by introduction of JRNSO bits to an encoder used for error-correction codes. Databases of user data are also protected by JRNSO-based key mechanisms. Additional random qualities are induced on the joint channel using MIMO eigen-beamforming, antenna array deflection, polarization selection, pattern deformation, and path selection by beamforming or time correlation. Gesturing induces randomness according to uniquely random patterns of a human user's arm movements inflected to the user device.
摘要翻译: 本发明涉及基于其他人不共享的联合随机性(JRNSO)的秘密密钥生成和认证方法,其中两个通信终端之间的唯一信道响应产生密钥。 多个网络接入点使用接收站的唯一物理位置来增加用户数据的安全性。 通过生成随机密钥和伪随机比特流来加密高数据速率通信数据。 通过将JRNSO位引入用于纠错码的编码器来实现可配置的交错。 用户数据的数据库也受到基于JRNSO的关键机制的保护。 使用MIMO本征波束形成,天线阵列偏转,偏振选择,图案变形以及通过波束形成或时间相关的路径选择在联合信道上引起附加随机质量。 手势根据用户装置的人体手臂运动的唯一随机模式引起随机性。
-
公开(公告)号:US20120079559A1
公开(公告)日:2012-03-29
申请号:US13078716
申请日:2011-04-01
IPC分类号: G06F17/00
CPC分类号: H04L63/20 , H04L12/5692 , H04L41/5019 , H04L63/105 , H04W12/08
摘要: Systems, methods, and apparatus are disclosed for coordinating enforcement of policies on a network and/or a wireless transmit/receive unit. The policies may include stakeholder-specific policies of one or more stakeholders that provide services on a user equipment. Enforcement of the stakeholder-specific policies may be securely coordinated using a policy coordination function. Systems, methods, and apparatus are also disclosed that include a network policy coordination function (NPCF) that coordinates service control policies and access control policies. The NPCF may coordinate enforcement of the service control policies for one or more service control entities and the access control policies for one or more access control entities.
摘要翻译: 公开了用于协调网络和/或无线发射/接收单元上的策略的实施的系统,方法和装置。 这些策略可以包括在用户设备上提供服务的一个或多个利益相关者的利益相关者特定的策略。 可以使用政策协调功能来安全地协调利益相关者特定政策的执行。 还公开了包括协调服务控制策略和访问控制策略的网络策略协调功能(NPCF)的系统,方法和装置。 NPCF可以协调一个或多个服务控制实体的服务控制策略的执行和一个或多个访问控制实体的访问控制策略。
-
公开(公告)号:US20080046758A1
公开(公告)日:2008-02-21
申请号:US11744304
申请日:2007-05-04
申请人: Inhyok Cha , Amit Singhal , Yogendra Shah
发明人: Inhyok Cha , Amit Singhal , Yogendra Shah
CPC分类号: G06F21/10 , G06F21/57 , H04L9/3247 , H04L63/12 , H04L63/20
摘要: The present invention discloses several methods to strengthen the integrity of entities, messages, and processing related to content distribution as defined by the Open Mobile Alliance (OMA) Digital Rights Management (DRM). The methods use techniques related to the Trusted Computing Group (TCG) specifications. A first embodiment uses TCG techniques to verify platform and DRM software integrity or trustworthiness, both with and without modifications to the DRM rights object acquisition protocol (ROAP) and DRM content format specifications. A second embodiment uses TCG techniques to strengthen the integrity of ROAP messages, constituent information, and processing without changing the existing ROAP protocol. A third embodiment uses TCG techniques to strengthen the integrity of the ROAP messages, information, and processing with some changes to the existing ROAP protocol.
摘要翻译: 本发明公开了加强与由开放移动联盟(OMA)数字版权管理(DRM)定义的内容分发有关的实体,消息和处理的完整性的几种方法。 该方法使用与可信计算组(TCG)规范相关的技术。 第一实施例使用TCG技术来验证平台和DRM软件完整性或可信赖性,无论是否修改DRM权限对象获取协议(ROAP)和DRM内容格式规范。 第二实施例使用TCG技术来加强ROAP消息,组成信息和处理的完整性,而不改变现有的ROAP协议。 第三个实施例使用TCG技术来加强ROAP消息,信息和处理的完整性,并对现有的ROAP协议进行一些改变。
-
公开(公告)号:US08914674B2
公开(公告)日:2014-12-16
申请号:US13289154
申请日:2011-11-04
申请人: Yogendra C. Shah , Lawrence Case , Dolores F. Howry , Inhyok Cha , Andreas Leicher , Andreas Schmidt
发明人: Yogendra C. Shah , Lawrence Case , Dolores F. Howry , Inhyok Cha , Andreas Leicher , Andreas Schmidt
CPC分类号: G06F11/0709 , G06F11/0751 , G06F11/079 , G06F11/0793 , G06F11/08 , G06F21/10 , G06F21/575 , G06F2221/2103 , G06F2221/2111 , H04L63/123 , H04M1/24 , H04W8/22 , H04W12/10 , H04W24/02
摘要: A wireless communications device may be configured to perform integrity checking and interrogation with a network entity to isolate a portion of a failed component on the wireless network device for remediation. Once an integrity failure is determined on a component of the device, the device may identify a functionality associated with the component and indicate the failed functionality to the network entity. Both the wireless network device and the network entity may identify the failed functionality and/or failed component using a component-to-functionality map. After receiving an indication of an integrity failure at the device, the network entity may determine that one or more additional iterations of integrity checking may be performed at the device to narrow the scope of the integrity failure on the failed component. Once the integrity failure is isolated, the network entity may remediate a portion of the failed component on the wireless communications device.
摘要翻译: 无线通信设备可以被配置为执行与网络实体的完整性检查和询问,以隔离无线网络设备上的故障组件的一部分以进行修复。 一旦在设备的组件上确定完整性故障,则设备可以识别与组件相关联的功能并且向网络实体指示失败的功能。 无线网络设备和网络实体都可以使用组件到功能映射来识别故障功能和/或故障组件。 在接收到设备上的完整性故障的指示之后,网络实体可以确定可以在设备处执行完整性检查的一个或多个附加迭代以缩小故障组件上的完整性故障的范围。 一旦完整性故障被隔离,则网络实体可以修复无线通信设备上的故障组件的一部分。
-
9.发明申请Method and Apparatus for Trusted Federated Identity Management and Data Access Authorization 有权用于可信联合身份管理和数据访问授权的方法和装置公开(公告)号:US20120023568A1
公开(公告)日:2012-01-26
申请号:US13011558
申请日:2011-01-21
申请人: Inhyok Cha , Andreas Schmidt , Andreas Leicher , Yogendra C. Shah
发明人: Inhyok Cha , Andreas Schmidt , Andreas Leicher , Yogendra C. Shah
IPC分类号: H04W12/06
CPC分类号: H04W12/06 , G06F21/335 , G06F21/57 , G06F2221/2115 , H04L63/0807 , H04L2463/121
摘要: Systems, methods, and instrumentalities are disclosed that may provide for integration of trusted OpenID (TOpenID) with OpenID. The authentication may be accomplished, in part, via communications between a trusted ticket server on a UE and a network application function. The UE may retrieve platform validation data (e.g., from a trusted platform module on the UE). The UE may receive a platform verification in response to the platform validation data. The platform verification may indicate that the network application function has verified the platform validation data and the user. The platform verification may indicate that the platform validation data matches a previously generated reference value.
摘要翻译: 公开了可以提供可信OpenID(TOpenID)与OpenID的集成的系统,方法和工具。 认证可以部分地通过UE上的信任票据服务器和网络应用功能之间的通信来实现。 UE可以检索平台验证数据(例如,从UE上的可信平台模块)。 UE可以响应于平台验证数据而接收平台验证。 平台验证可以指示网络应用功能已经验证了平台验证数据和用户。 平台验证可以指示平台验证数据与先前生成的参考值相匹配。
-
10.发明授权Smart card with domain-trust evaluation and domain policy management functions 有权具有域信任评估和域策略管理功能的智能卡公开(公告)号:US09363676B2
公开(公告)日:2016-06-07
申请号:US13991530
申请日:2011-12-06
申请人: Louis J. Guccione , Michael V. Meyerstein , Inhyok Cha , Andreas Schmidt , Andreas Leicher , Yogendra C. Shah
发明人: Louis J. Guccione , Michael V. Meyerstein , Inhyok Cha , Andreas Schmidt , Andreas Leicher , Yogendra C. Shah
CPC分类号: G06F21/604 , G06F21/10 , G06F21/6218 , H04L63/00 , H04L63/205 , H04W12/08 , H04W12/10 , H04W12/12
摘要: One or more wireless communications device may include one or more domains that may be owned or controlled by one or more different owners. One of the domains may include a security domain having ultimate control over the enforcement of security policies on the one or more wireless communications devices. Another one of the domains may include a system-wide domain manager that is subsidiary to the security domain and may enforce the policies of one or more subsidiary domains. The system-wide domain manager may enforce its policies based on a privilege level received from the security domain. The privilege level may be based on the level of trust between an external stakeholder, such as an owner of a domain that is subsidiary to the system-wide domain manager, and the security domain.
摘要翻译: 一个或多个无线通信设备可以包括可由一个或多个不同所有者拥有或控制的一个或多个域。 一个域可以包括对一个或多个无线通信设备上的安全策略的执行的最终控制的安全域。 另一个域可以包括系统范围的域管理器,其是安全域的子公司,并且可以执行一个或多个子域的策略。 系统范围的域管理器可以基于从安全域接收到的特权级别强制执行其策略。 权限级别可以基于外部利益相关者(例如,系统范围域名管理员的子域的所有者)与安全域之间的信任级别。
-
-
-
-
-
-
-
-
-
搜索结果
123 条记录 (耗时 0.025 秒)